|
阅读:2256回复:1
怎么得到kernel32.lib的基地址?
请教一个获得kernel32.lib在虚存中的起始地址的问题
代码贴上,程序能编译,链接但不能运行 .... .code _SEHHandler proc C _lpExceptionRecord,\ _lpSEH,_lpContext,_lpDispatcherContext pushad mov esi,_lpExceptionRecord mov edi,_lpContext mov eax,_lpSEH assume esi:ptr EXCEPTION_RECORD,edi:ptr CONTEXT push [eax+0ch] pop [edi].regEbp push [eax+8] pop [edi].regEip push eax pop [edi].regEsp assume esi:nothing,edi:nothing popad mov eax,ExceptionContinueExecution ret _SEHHandler endp _GetKernelBase proc _dwKernelRet local @dwReturn assume fs:nothing push ebp lea eax,[offset PageError] push eax lea eax,[offset _SEHHandler] push eax push fs:[0] mov fs:[0],esp mov edi,_dwKernelRet and edi,0ffff0000h .while TRUE .if word ptr [edi] ==IMAGE_DOS_SIGNATURE mov esi,edi add esi,[esi+03ch] .if word ptr [esi]==IMAGE_NT_SIGNATURE mov @dwReturn,edi .break .endif .endif PageError: sub edi,010000h .break .if edi<070000000h .endw pop fs:[0] add esp,0ch popad mov eax,@dwReturn ret _GetKernelBase endp start: invoke _GetKernelBase, [esp] invoke wsprintf,offset szBuffer,offset szStr,eax invoke MessageBox,NULL,offset szBuffer,offset szCaption,MB_OK ret end start |
|
|
沙发#
发布于:2008-08-10 16:07
去搜搜 罗聪有个暴力搜索的代码的
|
|